Was AT&T hacked recently?
Many AT&T wireless consumers reported on social media sites and forums of having their accounts hacked and SIM switching or number porting scams between the beginning of December 2022 and at the start of January 2023. This prompted others to hypothesize that AT&T itself had suffered a data hack of sorts. AT&T Internet is not responsible, however, and has stated that social engineering and credential stuffing assaults seem to be the source of the illegal access to consumer accounts instead of a hack or data breach at AT&T.
A SIM swap/port-out fraud is a kind of identity theft wherein the assailant may fool the victim's mobile phone carrier into transferring the victim's phone number to a new SIM card.
In port-out fraud—also known as SIM swap fraud—a hacker fools or induces a mobile operator into porting or forwarding the victim's phone number to another SIM card controlled by the fraudster. This positions them to intercept conversations and communications intended for the victim, including the 2FA one-time passwords for access and management of online accounts.
In what way are SIM swaps/port outs generally executed?
SIM swaps are typically done through a process known as social engineering – the attacker simply calls the carrier posing as the legitimate user and persuades the customer service representative to perform a SIM swap. Other times, cybercriminals bribe mobile provider employees to authorize fraudulent SIM swaps. Other times, SIM swap scams involve customer account or identity compromise by using credential stuffing, phishing, or other data breaches and credential leaks. When they have gathered enough of the victim’s details, they can proceed to request a SIM swap under the pretext of being the rightful owner of the cell phone number.
What signals that it was credential stuffing rather than AT&T being hacked?
If there had been a hack or data breach of AT&T itself that exposed customer data, the number of affected accounts would have been much more – in the millions. Moreover, combined with the analysis by AT&T and cybersecurity professionals, the recent attacks revealed that the use of credential stuffing was also behind these recent cyberattacks rather than AT&T’s system. A large number of the people impacted reclaimed their login identifiers and passwords which have previously been disclosed or comprised in other hacking attacks unrelated to the current one. Hackers take these stolen usernames and passwords and then recycle them on other platforms and websites using credential-stuffing techniques.
What measures has AT&T taken to address the situation?
Speaking in statements, AT&T has claimed that they have incorporated additional security measures and authentication to minimize the chances of further SIM swapping attacks in the future. They also said, “To add more layers for customer protection, we advise using secure settings like non-recycling passwords and enabling more security features such as two-factor authentication and account lock.” In other words, shifting the blame to the customer and encouraging them to use secure passwords and other security measures.
What should the consumers who are subscribed to AT&T do?
It might be noted that the responsibility seems to lie more on individual users of AT&T than on AT&T itself to safeguard their accounts. It is suggested that wireless customers create another PIN with the wireless carrier that they must give before any alteration of their account is allowed; this will also prevent the SIM swap even when a password has been obtained fraudulently. Also, ensure you are employing complicated and distinct passwords for the AT&T account, and also consider using two-factor or multiple-factor verification. Avoid all scar letter-type messages requesting that you provide personal data or accounts - AT&T and almost all large corporations will not call you out of the blue and ask for your passwords, account numbers, or special codes. Maintaining frequent checks on the account activities can also assist in alerting you sooner if any change occurs without your consent.
Is it possible for a breach or swap of my AT&T account? If so, how will I come to know?
The first and most apparent indications are an acute lack of signal with your SIM card properly inserted into the device, and the inability to call/text. You may also find new unknown outgoing calls or text messages from your number if cyber criminals are using your ported number. This makes it easy for you to note any changes like different phone numbers added or any other shifts that show that your account has been compromised. As soon as the victims realize that there have been unauthorized changes in their accounts, they should contact AT&T customer support.
Are all customers of AT&T in a precarious position?
Nonetheless, any violation of telecom provider security is concerning; however, at present, it appears that the recent cases are isolated and motivated rather than an AT&T breach. It seems that only a few AT&T customers have been impacted – those who use passwords that have been previously exposed to data breaches. If customers are conscious of their passwords and how secure their accounts are, they cannot be easily exploited by SIM swapping and port-out scams. However, as always, the best practice is to stay alert and check your account statements with your wireless carrier, and also any other site where your credit card details have been entered. It is also advised to enable higher levels of security when they are possible because they contribute to safety as well.
Upgrade to faster, more reliable AT&T Fiber Internet today! Call us at +1 844-905-5002 and get connected with speeds that keep you ahead.